
On 14 July 2026, OfDIA published its first annual report on the operation of Part 2 of the Data (Use and Access) Act 2025 (the ‘Act’).
Part 2 of the Act provides the legal foundation for trusted digital verification services in the UK. Our first annual report shows how the regime is working in practice, the progress made so far and the priorities for the next phase of delivery.
Why this report matters
Trust is essential if digital verification services are to be widely used.
People must have confidence that services are secure, privacy-preserving and designed around their needs. Businesses and public authorities need to know that services meet clear standards. Providers need a clear and consistent regime to operate within.
Part 2 of the Data (Use and Access) Act put key elements of the regime for trusted digital verification services (DVS) on a statutory footing. This includes the DVS trust framework (trust framework), supplementary codes, the public DVS register, the information sharing power and the UK CertifID trust mark.
The annual report is an important part of that picture. It provides a transparent account of how the DVS regime is developing and how OfDIA is supporting a trusted and effective UK DVS market.
What it says
The annual report sets out progress across the main parts of the DVS regime, including the UK digital verification services trust framework, the public register of services and preparations for the UK CertifID trust mark.
It also explains how the framework supports wider goals: making digital checks easier to trust, helping services operate to consistent standards, and supporting a market that works for people, businesses and public authorities.
For people, the aims of the DVS regime are simple: to make it easier to prove things about yourself when you need to, while reducing unnecessary sharing of personal information. For businesses, it can support smoother checks and better user journeys. For public authorities, the regime creates a clearer route for working with registered services, with safeguards around how information is used.
A growing ecosystem
The work is taking place against a backdrop of growing adoption and market activity in the wider digital identity sector.
The report draws on the economic findings in the 2026 Digital Identity Sectoral Analysis report, which identified 275 firms providing digital identity products and services in the UK, generating an estimated £2.027 billion in annual revenue, supporting over 9,600 UK digital identity sector jobs.
The analysis also found that 77% of UK consumers had used digital identity services, with 85% among adults under 45. Both figures are higher than in 2025.
These figures show that digital identity and verification services are already part of everyday economic activity. That makes trust clear rules and effective oversight even more important.
What happens next for DVS
The annual report is not just a reflection of our progress. It also sets out the priorities for the next stage of delivery.
These include supporting certification against version 1.0 of the trust framework, issuing the UK CertifID trust mark to eligible registered services, developing a machine-readable layer of the register, progressing the statutory Code of Practice for the information sharing power, and continuing engagement on future updates to the trust framework.
We will continue to work with industry, civil society, public authorities, regulators and other government departments as the ecosystem develops. This open approach is important. DVS will only succeed if the rules remain practical, proportionate and trusted by the people and organisations who use them.
Our first annual report shows how the regime is taking shape in practice, and how we will continue building a trusted market for DVS in the UK. You can read the annual report here: OfDIA 2026 Annual Report on the operation of Part 2 of Data (Use and Access) Act 2025 - GOV.UK

Leave a comment